AMENDMENTS TO THE CLAIMS 



Claims 1-12 (Cancelled) 

Claim 13 (Currently Amended) A method of operating a communication system comprising 
(i) an Nth authentication apparatus, (ii) an (N+l)th authentication apparatus, and (iii) an (N+l)th 
download server, each being connected over a communication network, 

wherein N and (N+l) are values each indicating a number in a sequence in a case where a 
plurality of authentication apparatuses and a plurality of corresponding download servers are 
sequentially put into operation, N being an integer of 1 or larger, 
wherein the Nth authentication apparatus includes: 

an Nth server certificate issue unit operable to issue an Nth server certificate 
ensuring validity of an application server; and 

an Nth certificate authority (CA) information issue unit operable to issue Nth CA 
information including an Nth CA certificate and an (N+l)th address for update, the Nth CA 
certificate indicating that the Nth server certificate is valid, and the (N+l)th address for update 
indicating a location of the (N+l )th download server on the communication network, 
wherein the (N+l)th authentication apparatus includes: 

an (N+l)th server certificate issue unit operable to issue an (N+l)th server 
certificate ensuring the validity of the application server; and 

an (N+l)th CA information issue unit operable to issue (N+l)th CA information 
including an (N+l)th CA certificate and an (N+2)th address for update, the (N+l)th CA 
certificate indicating that the (N+l)th server certificate is valid, the (N+2)th address for update 
indicating a location, on the communication network, of an (N+2)th download server on which 
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(N+2)th CA information is placed, and the (N+2)th CA information including an (N+2)th CA 
certificate to be a next valid CA certificate in a case where the (N+l)th CA certificate is revoked, 
wherein the (N+l)th download server includes: 

a CA information storage unit operable to store the (N+l)th CA information 
including the (N+l)th CA certificate to be a next valid CA certificate in a case where the Nth CA 
certificate is revoked; and 

an output unit operable to output, to a communication apparatus, the (N+l)th CA 
information stored in the CA information storage unit, the communication apparatus being 
connected to the (N+l)th download server via the communication network, the communication 
apparatus being a client apparatus that receives a service from the application server after the 
validity of the application server is verified, and 
wherein said method comprises: 

an Nth operation step of starting up the Nth authentication apparatus to place the 
Nth authentication apparatus in operation to issue the Nth server certificate; 

a first revocation determination step of determining whether or not the Nth CA 

certificate has been revoked before a validity period of the Nth CA certificate expires; 

a before -validity-period-expiration determination step of determining whether or 

not a certain point in time before the validity period of the Nth CA certificate expires has arrived, 
when said first revocation determination step determines that the Nth CA certificate has not been 
revoked; 

issuing, via the Nth CA information issue unit of the Nth authentication apparatus, 
the Nth CA information including (i) the Nth CA cortificato indicating that the Nth server 
cortificato is valid and (ii) the (N+l)th address for update indicating the location of the (N+l)th 
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download server on the communication network; 

an (N+l)th operation step of after said starting up of the operation of the Nth 
authentication apparatus, starting up the (N+l)th authentication apparatus and the (N+l)th 
download server to place the (N+l)th authentication apparatus and the (N+l)th download server 
into operation, when said before-validity-period-expiration determination step determines that 
the certain point in time before the validity period of the Nth CA certificate expires has arrived 
such that the (N+l)th download server outputs the (N+l)th CA information stored in the CA 
information storage unit to the communication apparatus that is the client apparatus that receives 
the service from the application server after the validity of the application server is verified, said 
starting up of the (N+l)th authentication apparatus and the (N+l)th download server taking place 
before a validity period of the Nth CA certificate expires; and ; 

a second revocation determination step of redetermining whether or not the Nth 

CA certificate has been revoked before the validity period of the Nth CA certificate expires; 

a validity-period-expiration determination step of determining whether or not the 

validity period of the Nth CA certificate has expired, when said second revocation determination 
step determines that the Nth CA certificate has not been revoked; and 

a termination step of terminating the operation o f the Nth authentication apparatus 
when said validity-period-expiration determination step determines that the validity period of the 
Nth CA certificate has expired the (N+l )th download server after the validity period of the Nth 
CA certificate expires . 

Claim 14 (Currently Amended) The method according to Claim 13, 

wherein,4» said starting up of the CN+l)t h operation step further includes, when the Nth 
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CA certificate is revoked before the validity period of the Nth CA certificate expires, starting up 
authentication apparatus and the (N+l)th download server, the (N+l)th authentication apparatus 
and the (N+l)th download server to be put into are put in operation-w 
is revoked . 



Claim 15 (Cancelled) 
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